Sanitizing user input
parent
c898a8a6c9
commit
8f09299e24
|
@ -141,7 +141,7 @@ class TileStack extends TileBase {
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get() {
|
public function get() {
|
||||||
$r = '<div class="title gallery_div">'.$this->stack_name.'</div>';
|
$r = '<div class="title gallery_div">'.htmlentities($this->stack_name).'</div>';
|
||||||
for ($i = 0; $i < count($this->tiles_array); $i++) {
|
for ($i = 0; $i < count($this->tiles_array); $i++) {
|
||||||
$top = rand(-5, 5);
|
$top = rand(-5, 5);
|
||||||
$left = rand(-5, 5);
|
$left = rand(-5, 5);
|
||||||
|
@ -168,7 +168,7 @@ class TileStack extends TileBase {
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getOnClickAction() {
|
public function getOnClickAction() {
|
||||||
return 'javascript:openNewGal(\''.$this->stack_name.'\');';
|
return 'javascript:openNewGal(\''.htmlentities($this->stack_name).'\');';
|
||||||
}
|
}
|
||||||
|
|
||||||
private $tiles_array;
|
private $tiles_array;
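Review bot: In getOnClickAction() the stack name sits inside a single-quoted JavaScript string, and htmlentities() is the wrong encoder for that position. Before PHP 8.1 its default flags leave `'` untouched, and if the returned string is written into an HTML attribute (not visible here) the browser decodes entities before the script runs, so an encoded quote becomes a literal quote again. Encode for JavaScript first and for HTML at the point of output, for example `return 'javascript:openNewGal('.json_encode($this->stack_name, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP).');';`, with the caller wrapping the result in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`. In get(), whose body continues past the hunk, the call is in the right context but should pin its flags and charset, `htmlspecialchars($this->stack_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, so the result does not depend on the PHP version.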
|
||||||
|
|
|
@ -14,7 +14,7 @@ div.visible { opacity: 0.8;}
|
||||||
</style>
|
</style>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
|
|
||||||
var root = "<?php echo $root; ?>";
|
var root = "<?php echo htmlentities($root); ?>";
|
||||||
|
|
||||||
function explode(element) {
|
function explode(element) {
|
||||||
$('div', element).each(function(index, elem) {
|
$('div', element).each(function(index, elem) {
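Review bot: `var root` is assigned inside a `<script>` block, where HTML entities are never decoded, so htmlentities() is the wrong encoder on that line. It corrupts legitimate values (an `&` in $root reaches the script as `&amp;`) and leaves backslashes and line breaks unescaped, either of which can end or alter the string literal. A JavaScript-context encoder fits here and supplies its own quotes: `var root = <?php echo json_encode($root, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;`. Where $root comes from is not visible in this hunk, so how much of it is user-controlled remains to be confirmed.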
|
||||||
|
|